Re: 7.3.1 stamped

On Wed, 18 Dec 2002, Bruce Momjian wrote:

> Marc G. Fournier wrote:
> > On Tue, 17 Dec 2002, Nathan Mueller wrote:
> >
> > > > Well, we break backward compatibility so people can't use SSL2 to
> > > > connect to the server. Backward compatibility to a broken protocol
> > > > isn't what I would call secure. Is that accurate?
> > >
> > > I suppose. As long as the incompatibilty is mentioned in HISTORY I'm
> > > fine.
> >
> > I read the SSL_CTX_new man page, and they recommend using SSLv23_method to
> > provide backwards compatibility ... if someone doesn't wan tto use SSL2,
> > they have the option to use TLS, but we shouldn't be forcigin them to use
> > one or the othe r...
> >
> > I have made the change and am just building v7.3.1 right now ... should be
> > available in a few minutes, and I'll announce it this evening as being
> > available ... can you grab a copy and make sure that it works as expected?
>
> OK, I see from your commit message:
>
>  From the SSL_CTX_new man page:
>
>  "SSLv23_method(void), SSLv23_server_method(void), SSLv23_client_method(void)
>
>  A TLS/SSL connection established with these methods will understand the SSLv2,
>  SSLv3, and TLSv1 protocol. A client will send out SSLv2 client hello messages
>  and will indicate that it also understands SSLv3 and TLSv1. A server will
>  understand SSLv2, SSLv3, and TLSv1 client hello messages. This is the best
>  choice when compatibility is a concern."
>
>  This will maintain backwards compatibility for those us that don't use
>  TLS connections ...
>
> My question is whether it is safe to be making this change in a minor
> release?  Does it work with 7.3 to 7.3.1 combinations?  My other
> question is, if SSLv2 isn't secure, couldn't a client say they only
> support SSLv2, and hence break into the server?  That was my original
> hesitancy, that and the fact Bear the SSL guy didn't want it.

Wow, which part of "A TLS/SSL connection established with these methods
will understand the SSLv2, SSLv3, and TLSv1 protocol" are you finiding
particularly confusing?  As nate explained to you, and the man page
section I commited states, TLSv1_method *only* supports TLS connections
... SSLv23_method supports SSLv2, v3 and TLSv1 ...

As for 'break into the server" ... ummm ... isn't that what pg_hba.conf is
for?  I don't know about servers you run, but I don't let just anyone
connect to my server, and, in fact, close down the databases themsleves to
specific users ... if you don't trust the client, why are you giving him
accss to your data, regardless of the protocol being used to encrypt the
sessino??